Standards

CAMP (Cloud Application Management for Platforms)

CAMP(Cloud Application Management for Platforms) from OASIS standard aims to standardise the cloud PaaS management by defining APIs using REST and JSON that help packaging and deploying applications, and controlling PaaS workflows. CAMP also defines mechanisms for the monitoring and control of applications.

CDMI (Cloud Data Management Interface)

CDMI (Cloud Data Management Interface) from SNIA defines a RESTful interface that allows cloud applications and users to retrieve and perform operations on the data from the cloud. The interface allows capability discovery of storage elements of the cloud. It also allows administrators to manage the containers, i.e., metadata, and user accounts and credentials pertaining to the cloud storage.

CIMI (Cloud Infrastructure Management Interface)

CIMI (Cloud Infrastructure Management Interface) from DMTF is a standard that targets the management of resources within the IaaS domain. CIMI attempts to provide first-class support to Open Virtualization Format standard.

ESRI Shapefile

The ESRI Shapefile format is a de facto standard for storing geospatial vector data in files. Developed originally by the Environmental Systems Research Institute (ESRI), the format gained prominence through widespread use in the field of Geospatial Information Systems. The shapefile format makes it possible to spatially describe vector features (points, lines, and polygons), representing for example boreholes, transportation networks and buildings. Each item can have descriptive attributes, such as a name or a scientific measurement.

Health Level Seven International (HL7)

The HL7 Health Level Seven Version 3 (V3) standard focuses on interoperability of the health and medical transactions. It specifies how the information should be presented in a clinical context to ensure that the two parties of a transaction share the semantics of the data exchanged. The messaging standard defines a set of interactions, i.e. XML-based messages, to support all healthcare workflow. The Reference Information Model (ISO/HL7 21731) expresses the data content needed in a specific clinical or administrative context. The HL7 Development Framework (ISO/HL7 27931) specifies messaging, processes, tools, actors, rules, and artefacts relevant to development of all HL7 standard specifications for the development of an interoperable healthcare framework.

The security technical committee of HL7 has produced a set of guidelines for the security and privacy policy management, privilege management, access control and auditing. Some of these standards are: HL7 Healthcare Privacy and Security Classification System (HCS), Role-based Access Control Healthcare Permission Catalog (RBAC), HL7 Version 3 Standard: Privacy, Access and Security Services; Security Labeling Service (SLS), and the Privacy, Access and Security Services (PASS).

ISO 22857

ISO 22857 provides guidance on data protection requirements to facilitate the transfer of personal health data across national or jurisdictional borders. The standard does not require the harmonisation of the national legislations in terms of data protection and national guidelines to prevent threats to the privacy of the individual, i.e. ensure that medical data of a patient is adequately protected when transmitted and processed by another organisation. The goal is to ensure compliance to security policy principles of an organisation in the trans-national transfer of personal data.

ISO 27799

ISO 27799 provides guidance for the application and implementation of ISO/IEC 2700 for the health sector. The target is organisations holding or processing personal health information and the standard describes how these organisations should protect the information and maintain the confidentiality, integrity and availability of personal health information.

ISO/IEC 27001

ISO/IEC 27001 contains the requirements for the design, maintenance, and implementation of an information security system, and it identifies the interested parties and their needs, the security risks and actions.

ISO/IEC 27002

ISO/IEC 27002 discusses the best practices, or security controls, to maintain and implement the security system. These recommendations and best practices are not specifically for cloud computing but they can be applied to cloud services; providers can certify the compliance to the standards for their cloud services. ISO/IEC is currently developing a new standard (ISO/IEC 27017) that deals with cloud computing specifically by mapping the ISO/IEC 27002 to cloud services.

ISO/IEC 27018

ISO/IEC 27018 standard extends the established ISO/IEC 27002 standard to deal with the protection of Personally Identifiable Information (PII) in public clouds, which act as processors of personal data.